| blob | 3c273483df239647ddeeeaa8c0d1f63245233754 |
1 # SPDX-License-Identifier: GPL-2.0-only
2 menuconfig IP_SET
3 tristate "IP set support"
4 depends on INET && NETFILTER
5 select NETFILTER_NETLINK
6 help
7 This option adds IP set support to the kernel.
8 In order to define and use the sets, you need the userspace utility
9 ipset(8). You can use the sets in netfilter via the "set" match
10 and "SET" target.
12 To compile it as a module, choose M here. If unsure, say N.
14 if IP_SET
16 config IP_SET_MAX
17 int "Maximum number of IP sets"
18 default 256
19 range 2 65534
20 depends on IP_SET
21 help
22 You can define here default value of the maximum number
23 of IP sets for the kernel.
25 The value can be overridden by the 'max_sets' module
26 parameter of the 'ip_set' module.
28 config IP_SET_BITMAP_IP
29 tristate "bitmap:ip set support"
30 depends on IP_SET
31 help
32 This option adds the bitmap:ip set type support, by which one
33 can store IPv4 addresses (or network addresse) from a range.
35 To compile it as a module, choose M here. If unsure, say N.
37 config IP_SET_BITMAP_IPMAC
38 tristate "bitmap:ip,mac set support"
39 depends on IP_SET
40 help
41 This option adds the bitmap:ip,mac set type support, by which one
42 can store IPv4 address and (source) MAC address pairs from a range.
44 To compile it as a module, choose M here. If unsure, say N.
46 config IP_SET_BITMAP_PORT
47 tristate "bitmap:port set support"
48 depends on IP_SET
49 help
50 This option adds the bitmap:port set type support, by which one
51 can store TCP/UDP port numbers from a range.
53 To compile it as a module, choose M here. If unsure, say N.
55 config IP_SET_HASH_IP
56 tristate "hash:ip set support"
57 depends on IP_SET
58 help
59 This option adds the hash:ip set type support, by which one
60 can store arbitrary IPv4 or IPv6 addresses (or network addresses)
61 in a set.
63 To compile it as a module, choose M here. If unsure, say N.
65 config IP_SET_HASH_IPMARK
66 tristate "hash:ip,mark set support"
67 depends on IP_SET
68 help
69 This option adds the hash:ip,mark set type support, by which one
70 can store IPv4/IPv6 address and mark pairs.
72 To compile it as a module, choose M here. If unsure, say N.
74 config IP_SET_HASH_IPPORT
75 tristate "hash:ip,port set support"
76 depends on IP_SET
77 help
78 This option adds the hash:ip,port set type support, by which one
79 can store IPv4/IPv6 address and protocol/port pairs.
81 To compile it as a module, choose M here. If unsure, say N.
83 config IP_SET_HASH_IPPORTIP
84 tristate "hash:ip,port,ip set support"
85 depends on IP_SET
86 help
87 This option adds the hash:ip,port,ip set type support, by which
88 one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6
89 address triples in a set.
91 To compile it as a module, choose M here. If unsure, say N.
93 config IP_SET_HASH_IPPORTNET
94 tristate "hash:ip,port,net set support"
95 depends on IP_SET
96 help
97 This option adds the hash:ip,port,net set type support, by which
98 one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6
99 network address/prefix triples in a set.
101 To compile it as a module, choose M here. If unsure, say N.
103 config IP_SET_HASH_IPMAC
104 tristate "hash:ip,mac set support"
105 depends on IP_SET
106 help
107 This option adds the hash:ip,mac set type support, by which
108 one can store IPv4/IPv6 address and MAC (ethernet address) pairs in a set.
110 To compile it as a module, choose M here. If unsure, say N.
112 config IP_SET_HASH_MAC
113 tristate "hash:mac set support"
114 depends on IP_SET
115 help
116 This option adds the hash:mac set type support, by which
117 one can store MAC (ethernet address) elements in a set.
119 To compile it as a module, choose M here. If unsure, say N.
121 config IP_SET_HASH_NETPORTNET
122 tristate "hash:net,port,net set support"
123 depends on IP_SET
124 help
125 This option adds the hash:net,port,net set type support, by which
126 one can store two IPv4/IPv6 subnets, and a protocol/port in a set.
128 To compile it as a module, choose M here. If unsure, say N.
130 config IP_SET_HASH_NET
131 tristate "hash:net set support"
132 depends on IP_SET
133 help
134 This option adds the hash:net set type support, by which
135 one can store IPv4/IPv6 network address/prefix elements in a set.
137 To compile it as a module, choose M here. If unsure, say N.
139 config IP_SET_HASH_NETNET
140 tristate "hash:net,net set support"
141 depends on IP_SET
142 help
143 This option adds the hash:net,net set type support, by which
144 one can store IPv4/IPv6 network address/prefix pairs in a set.
146 To compile it as a module, choose M here. If unsure, say N.
148 config IP_SET_HASH_NETPORT
149 tristate "hash:net,port set support"
150 depends on IP_SET
151 help
152 This option adds the hash:net,port set type support, by which
153 one can store IPv4/IPv6 network address/prefix and
154 protocol/port pairs as elements in a set.
156 To compile it as a module, choose M here. If unsure, say N.
158 config IP_SET_HASH_NETIFACE
159 tristate "hash:net,iface set support"
160 depends on IP_SET
161 help
162 This option adds the hash:net,iface set type support, by which
163 one can store IPv4/IPv6 network address/prefix and
164 interface name pairs as elements in a set.
166 To compile it as a module, choose M here. If unsure, say N.
168 config IP_SET_LIST_SET
169 tristate "list:set set support"
170 depends on IP_SET
171 help
172 This option adds the list:set set type support. In this
173 kind of set one can store the name of other sets and it forms
174 an ordered union of the member sets.
176 To compile it as a module, choose M here. If unsure, say N.
178 endif # IP_SET